cpu.share is not properly set for containers in kubernetes #8358
Description
I were trying to use limitRange to set default cpu request for each container to prevent overcommit a node badly before we have more intelligent scheduler, and identified the issue.
Through kubernetes I scheduled a container asking for 400m, (409 cpu.share) but kubernetes always assigns 1024 cpu.share to that cgroup.
# cat /sys/fs/cgroup/cpu/docker/63b0724fdfa08d44401bf7965689bd4105f099beb751b31d1bf26e2aeb71fadc/cpu.shares
1024
Initially I thought kubelet doesn't pass cpu limit properly to docker, but docker inspect proves I were wrong:
# docker inspect 63b0724fdfa08d44401bf7965689bd4105f099beb751b31d1bf26e2aeb71fadc
[{
"AppArmorProfile": "",
"Args": [
"-g",
"daemon off;"
],
"Config": {
"AttachStderr": false,
"AttachStdin": false,
"AttachStdout": false,
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"CpuShares": 409,
"Cpuset": "",
"Domainname": "",
"Entrypoint": null,
"Env": [
...
Then I thought it might be capped at docker level, but I tested it through docker cli, and proves I were wrong again:
# docker run -c 200 busybox sh
[{
"AppArmorProfile": "",
"Args": [],
"Config": {
"AttachStderr": true,
"AttachStdin": true,
"AttachStdout": true,
"Cmd": [
"sh"
],
"CpuShares": 200,
...
# cat /sys/fs/cgroup/cpu/docker/efc87fa9a7c0087c60e116d0832e11d7f74a3c3c4ad51bd0348d7ec28a871037/cpu.shares
200
It might be docker/libcontainer issue and triggered by the way how we are using docker itself. Filed the issue here for investigation. @vmarmol is going to look into it.